Threat Modeling: Tampering in Depth

Overview

Learn how tampering threats work and how to mitigate them. Explore how attackers can tamper with a variety of systems and tools, from debuggers to cloud services.

Syllabus

Introduction

Mitigate tampering threats
Four-question framework
Tampering as part of STRIDE

1. Tampering with a Process

Debuggers and input
Libraries
Mobile

2. Tampering with Storage

Tampering with local storage
Permissions
Effects of tampering

3. Tampering with Things

Whose screw? Physical tampering matters
Debug interfaces are exposed

4. Tampering with Time Itself

Time is increasingly important

5. Tampering with Cloud

Controls and authentication
Becoming Jane Admin

6. Tampering with Data Flows

Channels and messages
Replay and reflection
Headers: Injection and order

7. Integrity Defenses

Prevention and detection goals
Crypto
Something more privileged

Conclusion

Next steps

Taught by

Adam Shostack

Reviews

4.8 rating at LinkedIn Learning based on 65 ratings

Start your review of Threat Modeling: Tampering in Depth

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Threat Modeling: Tampering in Depth

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

Threat Modeling Security Fundamentals

Performing Threat Modeling with the Microsoft Threat Modeling Methodology

Threat Modeling for Builders Workshop

Network Security

Detect threats and protect information in cloud apps using Microsoft Defender for Cloud Apps

Manage identity and access in Microsoft 365

110+ Hours of Free LinkedIn Learning Courses with Free Certification

Never Stop Learning.